Red Hat Bugzilla – Bug 166093
e2fsck can crash on a bad disconnected inode
Last modified: 2015-01-07 19:10:24 EST
Description of problem: This was actually caused by two bugs. The first bug is that if the inode has been fully fixed up, the code will attempt to remove the inode from the inode_bad_map without checking to see if this bitmap is present. Since it is cleared at the end of pass 2, if e2fsck_process_bad_inode is called in pass 4 (as it is for disconnected inodes), this would result in a core dump. The first bug was mostly hidden by a second bug, which caused e2fsck_process_bad_inode() to consider all inodes without an extended attribute to be not fixed. Version-Release number of selected component (if applicable): e2fsprogs-1.35-12.1.EL4 How reproducible: 100% Steps to Reproduce: 1. Fetch tests/f_bad_disconnected_inode/image.gz from current upstream mercurial e2fsprogs repository (http://thunk.org/hg/e2fsprogs) 2. zcat image.gz > image 3. e2fsck -fy image Actual results: SEGV Expected results: Should fix the filesystem. The patch to fix this is at http://thunk.org/hg/e2fsprogs/?cmd=changeset;node=0502b63a5be9cb490c0c9086fa05edc1b1712a78 and has been checked into upstream e2fsprogs.
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHBA-2006-0060.html